8000 Oauth 2, support role as string or array · Issue #840 · tchiotludo/akhq · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Oauth 2, support role as string or array #840

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
l4crito opened this issue Oct 1, 2021 · 8 comments · Fixed by #1263
Closed

Oauth 2, support role as string or array #840

l4crito opened this issue Oct 1, 2021 · 8 comments · Fixed by #1263
Labels
backend Need a backend update enhancement New feature or request login Login & Acls on AKHQ

Comments

@l4crito
Copy link
l4crito commented Oct 1, 2021

Hi, whenever we try to login using pingf , if the user on pingf has only one role/group attached in oidc then it comes as a string instead of an array and akhq don't recognize that role/group, any advice on this ?

oidc clame retuns something like this, login fails
{
"client_id": "some_id",
"lastName": "some_last_name",
"firstName": "some_name ",
"roles": "some_role",
}

oidc clame retuns something like this, login succeeds
{
"client_id": "some_id",
"lastName": "some_last_name",
"firstName": "some_name ",
"roles": ["some_role","another_role"],
}

oidc config is like below

  oidc:
    enabled: true
    providers:
      pingf:
        label: "Login with Pingf"
        username-field: id
        groups-field: roles
        groups:
          - name: some_role
            groups:
              - admin
@tchiotludo
Copy link
Owner

Does look suprinsing so far.
When you say login failed ? do you have any error on the backend or front end ?

@l4crito
Copy link
Author
l4crito commented Oct 1, 2021
edited
Loading

login succed: redirects to akhq topics, login fails : stays on login screen

@tchiotludo
Copy link
Owner

no error on backend log ?

@l4crito
Copy link
Author
l4crito commented Oct 1, 2021

no backend error so far, think stays on login screen because it is not mapping any group/role

@tchiotludo
Copy link
Owner

OK so must be catch by micronaut and I think I can't do anything for that ...

@l4crito
Copy link
Author
l4crito commented Oct 1, 2021

whenever the group-field:roles comes as a individual string instead of an array, akhq redirects back to login screen always, when the group-field:roles comes as an array from oidc provider it works fine without issue, is there a way to support the string as well?

@tchiotludo
Copy link
Owner

I don't think it's possible, keep it open to look at in the future.
Or PR are welcome ☺️

@tchiotludo tchiotludo changed the title Pingf 1 role coming (oauth2) Oauth 2, support role as string or array Oct 1, 2021
@tchiotludo tchiotludo added backend Need a backend update enhancement New feature or request login Login & Acls on AKHQ labels Oct 1, 2021
@l4crito
Copy link
Author
l4crito commented Oct 1, 2021

thanks for taking some time to this

@z06tbond z06tbond mentioned this issue Nov 21, 2022
Merged
@tchiotludo tchiotludo moved this to Done in Backlog Jun 29, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
backend Need a backend update enhancement New feature or request login Login & Acls on AKHQ
Projects
Backlog
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(auth): oidc group can be a string
2 participants
@tchiotludo @l4crito
0